Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08.03.2024
Exécuté par ahmed (administrateur) sur LAPTOP-METDILG9 (LENOVO 80K6) (09-03-2024 08:43:35)
Exécuté depuis C:\Users\ahmed\Desktop\FRST64.exe
Profils chargés: ahmed
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\UA Connect\UA Connect.exe ->) (Universal Audio, Inc. -> Universal Audio) C:\Program Files\UA Connect\resources\native\windows\x64\uacloudhelper.exe
(C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Cloanto Corporation -> Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Musecy SM Ltd. -> Muse) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Universal Audio, Inc. -> Universal Audio, Inc.) C:\Program Files\UA Connect\UA Connect.exe <4>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avid Technology, Inc.) [Fichier non signé] C:\Program Files\Avid\Pro Tools\MMERefresh.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Softube AB -> ) C:\Program Files\Softube\InstallerDaemon\InstallerService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ahmed\AppData\Local\Microsoft\OneDrive\24.025.0204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-06-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro, Inc. -> GoPro)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CloantoSoftwareDirector] => C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe [413000 2015-11-27] (Cloanto Corporation -> Cloanto Corporation)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [50899640 2020-03-27] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [MicrosoftEdgeAutoLaunch_8F18D55D5A8BBD283E9ED3C840256F33] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [electron.app.UA Connect] => C:\Program Files\UA Connect\UA Connect.exe [163485584 2023-12-20] (Universal Audio, Inc. -> Universal Audio, Inc.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.bing.com/sea (l'élément de données a 176 caractères en plus). [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {0f60f23b-6b0f-11ed-9da6-b46d83fc022d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {1903d9be-6dda-11ee-9e25-b46d83fc022d} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {392896c1-88b0-11eb-9d2c-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {b4c7ac7f-2cf2-11ed-9d8f-b46d83fc022d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {bb80d813-a221-11ec-9d74-1c394716231b} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {ed1957a6-d12a-11ed-9de5-b46d83fc022d} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Discord] => C:\Users\bayal\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [MicrosoftEdgeAutoLaunch_F009F001F93CA8AA0F5CFDE9437E5C3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Google Update] => C:\Users\bayal\AppData\Local\Google\Update\1.3.36.323\GoogleUpdateCore.exe [223008 2023-11-26] (Google LLC -> Google LLC)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\21.245.1128.0002" [0 2023-11-26] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.112\Installer\chrmstp.exe [2024-03-08] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {33A4E136-8B8E-43E6-9A7D-39D5CDD58D0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {884B5381-EB78-4FFB-A532-DAAFC77484FB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {7792E9AD-BC49-42EC-8D9D-F1A3FF2DC416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {48C1F5FA-0EBD-4C1E-A0B2-FCA6C2BC0AB5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ahmed.lasfer@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {62836F18-A518-41BF-B6BA-70F673C3A907} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {5241CB3C-C758-48AD-8FB9-A21895BC88A0} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {E942F175-55AF-4102-A913-62072CDF4621} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6342.2{D9FAC217-DFA1-4815-BC4F-BFFBD2CFB3EF} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
Task: {18F9CC10-FC9F-4789-BD51-E8ADE57B1730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002Core => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {76E4F7F5-B27D-404C-B4E8-50EB6A97836E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002UA => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {7E98E48F-85CE-41ED-AC19-9D5CD1A06C3B} - System32\Tasks\Lenovo\Experience Improvement => "C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe" (Pas de fichier)
Task: {3E746C60-0DDA-441E-B950-3B84A4A4A7E6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {142327AC-8258-46FF-93F5-C1D75E9A900B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {9E71278D-E25C-47B3-A02A-DF9F5AD2B000} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2480c85b-cd5a-4db0-9a85-9e44311bd403 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {ED0D8135-DC00-4C7C-BFBF-C9182E0E5C81} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b71b68c-d93e-46c2-bce8-760ba02e0639 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {ED3F38E6-94A7-4B14-BF5F-3BDC4D5B0E51} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b1feacbb-b36d-4ea3-9f7d-1c5f46fc731f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2C8B53FB-A841-4CC9-B7D7-5E5AE8DADA06} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e5bd82cb-1654-4e05-a54a-4fd06af3ef20 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F6D89456-A31F-4227-B26C-B19EE15B2BD7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f8a613ef-87e6-46c4-bc46-50c332915b0d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {462355F7-6372-47A4-9A6F-AD3156A14B70} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {4D67B00F-675B-44DB-8B53-8D81251C95E7} - System32\Tasks\Lenovo\REACHit Agent Startup => "C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe" /nobrowser (Pas de fichier)
Task: {89630444-05B9-40F7-A6A4-67054B43F7CE} - System32\Tasks\Lenovo\REACHit Agent Update => "C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe" -update (Pas de fichier)
Task: {CB9F2222-C045-4341-A0E2-53A9C18AA8C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B86BE6A2-47F3-49C1-8823-A8060B440D13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {991F6FF6-7D4C-4A6C-B36B-9072B9A25FD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6384C163-8A60-4977-B016-8D6C4F5693BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F76C8543-149C-4141-91DF-A69265EAB21E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EE5D5B8E-AB9D-4311-AF41-E68C55185F98} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-40630279-3267804419-453767322-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E8062FD6-54D6-4A53-A786-92DF38CC2FD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-06] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ec3b97e7-efd3-4666-8135-6bff281b953c}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-09]
Edge HomePage: Default -> hxxp://www.home-explore.com/
Edge StartupUrls: Default -> "hxxp://www.home-explore.com/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: tzvrkahc.default-1680280562217
FF ProfilePath: C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\tzvrkahc.default-1680280562217 [2024-03-09]
FF Notifications: Mozilla\Firefox\Profiles\tzvrkahc.default-1680280562217 -> hxxps://www.facebook.com
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-01-03] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default [2024-03-08]
CHR Extension: (Slides) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Docs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-02]
CHR Extension: (YouTube) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-12]
CHR Extension: (Sheets) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-18]
CHR Extension: (Gmail) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-06-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [197632 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S2 GoogleUpdaterInternalService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R3 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.Service.exe [188928 2023-12-04] (Musecy SM Ltd. -> Muse.Service)
R2 NativePushService; C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 SoftubeInstallerDaemon; C:\Program Files\Softube\InstallerDaemon\InstallerService.exe [10284824 2019-07-10] (Softube AB -> )
S3 UAHelperService; C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe [6904208 2023-12-20] (Universal Audio, Inc. -> Universal Audio)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Apogee; C:\WINDOWS\System32\drivers\Apogee.sys [351808 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 Apogeeks; C:\WINDOWS\System32\drivers\Apogeeks.sys [53312 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2023-10-11] (Microsoft Corporation) [Fichier non signé]
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-09 08:43 - 2024-03-09 08:45 - 000030627 _____ C:\Users\ahmed\Desktop\FRST.txt
2024-03-09 08:41 - 2024-03-09 08:44 - 000000000 ____D C:\FRST
2024-03-09 08:37 - 2024-03-09 08:38 - 047696672 _____ (Corel Corporation) C:\Users\ahmed\Desktop\wzsus53.exe
2024-03-09 08:37 - 2024-03-09 08:37 - 002390016 _____ (Farbar) C:\Users\ahmed\Desktop\FRST64.exe
2024-03-06 18:21 - 2024-03-08 10:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-02 11:08 - 2024-03-02 11:12 - 001398780 _____ C:\WINDOWS\Minidump\030224-52875-01.dmp
2024-02-24 21:57 - 2024-02-24 21:57 - 000000000 ____D C:\Users\ahmed\AppData\Local\ToastNotificationManagerCompat
2024-02-24 21:53 - 2024-02-24 21:53 - 003361880 _____ (OneLaunch ) C:\Users\ahmed\Downloads\OneLaunch - Manuals Search_b8fc6.exe
2024-02-24 21:50 - 2024-02-24 21:50 - 007762072 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.3 - Composizioni Originali (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:50 - 2024-02-24 21:50 - 006598834 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.2 - Studi (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:49 - 2024-02-24 21:49 - 003829510 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.1 - Preludi (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:46 - 2024-02-24 21:46 - 007521104 _____ C:\Users\ahmed\Downloads\Complete Etudes for Guitar (Francisco Tarrega) (Z-Library).pdf
2024-02-24 21:40 - 2024-02-24 21:40 - 001847598 _____ C:\Users\ahmed\Downloads\Comme des chansons Vol 3 (Thierry Tisserand) (Z-Library).pdf
2024-02-24 21:37 - 2024-02-24 21:37 - 006545042 _____ C:\Users\ahmed\Downloads\20 Etudes Simples (Leo Brouwer) (Z-Library).pdf
2024-02-24 21:36 - 2024-02-24 21:36 - 001476712 _____ C:\Users\ahmed\Downloads\Etudes simples pour guitare. 1ere serie (No. 1 a 5) (Leo Brouwer) (Z-Library).pdf
2024-02-24 21:35 - 2024-02-24 21:35 - 019144601 _____ C:\Users\ahmed\Downloads\12 sonatas. Transcribed for guitar by Leo Brouwer (Domenico Scarlatti) (Z-Library).pdf
2024-02-24 21:24 - 2024-02-24 21:24 - 002217454 _____ C:\Users\ahmed\Downloads\Imagens do Nordeste (for 2 guitars) (Machado Celso.) (Z-Library).pdf
2024-02-24 21:14 - 2024-02-24 21:14 - 014337466 _____ C:\Users\ahmed\Downloads\CATAGUI.pdf
2024-02-24 21:13 - 2024-02-24 21:13 - 007088289 _____ C:\Users\ahmed\Downloads\A Way of Life (Maria Linnemann) (Z-Library).pdf
2024-02-21 22:28 - 2024-02-21 22:28 - 000000000 _____ C:\WINDOWS\Minidump\022124-47000-01.dmp
2024-02-21 19:27 - 2024-02-21 19:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-16 17:04 - 2024-03-09 08:33 - 000000000 ____D C:\Users\ahmed\Desktop\Télécharger
2024-02-16 16:18 - 2024-02-16 16:18 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 16:16 - 2024-02-16 16:16 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-16 15:02 - 2024-02-16 15:02 - 000000000 ___HD C:\$WinREAgent
2024-02-11 14:07 - 2024-02-11 14:07 - 000001164 _____ C:\Users\ahmed\Desktop\MuseScore 4.lnk
2024-02-09 15:41 - 2024-02-09 15:41 - 014667313 _____ C:\Users\ahmed\Downloads\wetransfer_2023_fdcp_selection-5237-jpg_2024-02-07_1112.zip
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-09 08:42 - 2022-02-10 20:50 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-09 08:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-09 08:28 - 2020-12-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-09 08:04 - 2023-12-04 10:11 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\MuseScore
2024-03-09 07:47 - 2018-05-19 15:46 - 000000000 ____D C:\Users\ahmed\AppData\Local\Adobe
2024-03-09 07:40 - 2020-12-01 00:50 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 07:40 - 2020-11-29 19:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-03-09 07:40 - 2019-12-07 15:49 - 000883204 _____ C:\WINDOWS\system32\perfh00C.dat
2024-03-09 07:40 - 2019-12-07 15:49 - 000188122 _____ C:\WINDOWS\system32\perfc00C.dat
2024-03-09 07:40 - 2015-12-27 12:28 - 000000000 __SHD C:\Users\ahmed\IntelGraphicsProfiles
2024-03-08 19:44 - 2020-11-30 22:37 - 000000000 ____D C:\Users\ahmed
2024-03-08 11:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-08 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-08 11:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-08 10:57 - 2021-12-17 17:36 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-08 10:53 - 2016-02-12 19:04 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-08 10:50 - 2023-03-31 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-08 10:50 - 2020-12-01 01:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-08 10:50 - 2020-12-01 00:25 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-08 10:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-06 21:20 - 2023-03-31 17:35 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-06 18:26 - 2021-12-11 10:31 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-40630279-3267804419-453767322-1001
2024-03-06 18:26 - 2020-12-01 01:04 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-40630279-3267804419-453767322-1001
2024-03-06 18:26 - 2020-11-30 22:37 - 000002420 _____ C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-06 18:25 - 2020-12-01 01:04 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 18:25 - 2020-12-01 01:04 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-03 21:25 - 2015-12-27 20:40 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\vlc
2024-03-03 20:29 - 2020-06-14 23:48 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-03 20:29 - 2020-06-14 23:48 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-02 11:13 - 2021-02-03 22:30 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-02 11:08 - 2021-02-03 22:30 - 1269834853 _____ C:\WINDOWS\MEMORY.DMP
2024-02-28 12:34 - 2022-10-14 10:14 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-02-28 12:31 - 2018-05-19 16:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-25 11:05 - 2017-12-22 16:22 - 000000000 ____D C:\Users\ahmed\AppData\Local\Packages
2024-02-23 10:52 - 2024-01-02 16:50 - 000008192 _____ C:\Users\ahmed\Desktop\Travaux musique.xls
2024-02-22 22:04 - 2023-03-31 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-02-21 19:27 - 2016-02-12 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-19 18:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-16 21:53 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-02-16 21:47 - 2020-12-01 00:26 - 005431200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-16 16:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-16 16:16 - 2020-12-01 00:31 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-16 14:53 - 2016-02-17 22:05 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-16 14:52 - 2023-12-04 09:58 - 000000000 ____D C:\Program Files\dotnet
2024-02-16 14:51 - 2015-12-27 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-16 14:37 - 2015-12-27 19:53 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-15 16:53 - 2020-12-01 01:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-15 09:47 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-11 14:07 - 2024-01-01 13:04 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 4
==================== Fichiers à la racine de certains dossiers ========
2020-02-25 19:43 - 2020-02-25 19:43 - 003269504 _____ (Nicolas Coolman) C:\Users\ahmed\ZHPDiag3.exe
2016-01-03 17:27 - 2016-03-31 17:27 - 000001472 _____ () C:\Users\ahmed\AppData\Roaming\LAPTOP-METDILG9.MTBF.txt
2023-10-20 18:22 - 2023-10-20 18:22 - 000000132 _____ () C:\Users\ahmed\AppData\Roaming\Préfs Filtre IllExportation Adobe CS6
2023-01-16 21:29 - 2023-10-20 18:28 - 000000132 _____ () C:\Users\ahmed\AppData\Roaming\Préfs Format PNG Adobe CS6
2021-12-29 13:52 - 2021-12-29 14:03 - 001040888 _____ () C:\Users\ahmed\AppData\Roaming\TI Connect CE-5.6.3.2278-Installation.log
2015-12-27 20:50 - 2016-01-04 21:50 - 000000134 _____ () C:\Users\ahmed\AppData\Roaming\WB.CFG
2016-01-03 17:27 - 2016-03-31 16:54 - 000000681 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManager.log
2016-01-03 17:27 - 2016-03-31 13:11 - 000000973 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManagerPrevious.log
2021-03-21 21:44 - 2021-03-21 21:44 - 000001001 _____ () C:\Users\ahmed\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par ahmed (administrateur) sur LAPTOP-METDILG9 (LENOVO 80K6) (09-03-2024 08:43:35)
Exécuté depuis C:\Users\ahmed\Desktop\FRST64.exe
Profils chargés: ahmed
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\UA Connect\UA Connect.exe ->) (Universal Audio, Inc. -> Universal Audio) C:\Program Files\UA Connect\resources\native\windows\x64\uacloudhelper.exe
(C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Cloanto Corporation -> Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Musecy SM Ltd. -> Muse) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Universal Audio, Inc. -> Universal Audio, Inc.) C:\Program Files\UA Connect\UA Connect.exe <4>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avid Technology, Inc.) [Fichier non signé] C:\Program Files\Avid\Pro Tools\MMERefresh.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Softube AB -> ) C:\Program Files\Softube\InstallerDaemon\InstallerService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ahmed\AppData\Local\Microsoft\OneDrive\24.025.0204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-06-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro, Inc. -> GoPro)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CloantoSoftwareDirector] => C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe [413000 2015-11-27] (Cloanto Corporation -> Cloanto Corporation)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [50899640 2020-03-27] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [MicrosoftEdgeAutoLaunch_8F18D55D5A8BBD283E9ED3C840256F33] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [electron.app.UA Connect] => C:\Program Files\UA Connect\UA Connect.exe [163485584 2023-12-20] (Universal Audio, Inc. -> Universal Audio, Inc.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.bing.com/sea (l'élément de données a 176 caractères en plus). [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {0f60f23b-6b0f-11ed-9da6-b46d83fc022d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {1903d9be-6dda-11ee-9e25-b46d83fc022d} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {392896c1-88b0-11eb-9d2c-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {b4c7ac7f-2cf2-11ed-9d8f-b46d83fc022d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {bb80d813-a221-11ec-9d74-1c394716231b} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {ed1957a6-d12a-11ed-9de5-b46d83fc022d} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Discord] => C:\Users\bayal\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [MicrosoftEdgeAutoLaunch_F009F001F93CA8AA0F5CFDE9437E5C3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Google Update] => C:\Users\bayal\AppData\Local\Google\Update\1.3.36.323\GoogleUpdateCore.exe [223008 2023-11-26] (Google LLC -> Google LLC)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bayal\AppData\Local\Microsoft\OneDrive\21.245.1128.0002" [0 2023-11-26] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.112\Installer\chrmstp.exe [2024-03-08] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {33A4E136-8B8E-43E6-9A7D-39D5CDD58D0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {884B5381-EB78-4FFB-A532-DAAFC77484FB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {7792E9AD-BC49-42EC-8D9D-F1A3FF2DC416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {48C1F5FA-0EBD-4C1E-A0B2-FCA6C2BC0AB5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ahmed.lasfer@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {62836F18-A518-41BF-B6BA-70F673C3A907} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {5241CB3C-C758-48AD-8FB9-A21895BC88A0} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {E942F175-55AF-4102-A913-62072CDF4621} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6342.2{D9FAC217-DFA1-4815-BC4F-BFFBD2CFB3EF} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
Task: {18F9CC10-FC9F-4789-BD51-E8ADE57B1730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002Core => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {76E4F7F5-B27D-404C-B4E8-50EB6A97836E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002UA => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {7E98E48F-85CE-41ED-AC19-9D5CD1A06C3B} - System32\Tasks\Lenovo\Experience Improvement => "C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe" (Pas de fichier)
Task: {3E746C60-0DDA-441E-B950-3B84A4A4A7E6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {142327AC-8258-46FF-93F5-C1D75E9A900B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {9E71278D-E25C-47B3-A02A-DF9F5AD2B000} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2480c85b-cd5a-4db0-9a85-9e44311bd403 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {ED0D8135-DC00-4C7C-BFBF-C9182E0E5C81} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b71b68c-d93e-46c2-bce8-760ba02e0639 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {ED3F38E6-94A7-4B14-BF5F-3BDC4D5B0E51} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b1feacbb-b36d-4ea3-9f7d-1c5f46fc731f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2C8B53FB-A841-4CC9-B7D7-5E5AE8DADA06} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e5bd82cb-1654-4e05-a54a-4fd06af3ef20 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F6D89456-A31F-4227-B26C-B19EE15B2BD7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f8a613ef-87e6-46c4-bc46-50c332915b0d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {462355F7-6372-47A4-9A6F-AD3156A14B70} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {4D67B00F-675B-44DB-8B53-8D81251C95E7} - System32\Tasks\Lenovo\REACHit Agent Startup => "C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe" /nobrowser (Pas de fichier)
Task: {89630444-05B9-40F7-A6A4-67054B43F7CE} - System32\Tasks\Lenovo\REACHit Agent Update => "C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe" -update (Pas de fichier)
Task: {CB9F2222-C045-4341-A0E2-53A9C18AA8C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B86BE6A2-47F3-49C1-8823-A8060B440D13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {991F6FF6-7D4C-4A6C-B36B-9072B9A25FD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6384C163-8A60-4977-B016-8D6C4F5693BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F76C8543-149C-4141-91DF-A69265EAB21E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EE5D5B8E-AB9D-4311-AF41-E68C55185F98} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-40630279-3267804419-453767322-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-03-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E8062FD6-54D6-4A53-A786-92DF38CC2FD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-06] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ec3b97e7-efd3-4666-8135-6bff281b953c}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-09]
Edge HomePage: Default -> hxxp://www.home-explore.com/
Edge StartupUrls: Default -> "hxxp://www.home-explore.com/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: tzvrkahc.default-1680280562217
FF ProfilePath: C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\tzvrkahc.default-1680280562217 [2024-03-09]
FF Notifications: Mozilla\Firefox\Profiles\tzvrkahc.default-1680280562217 -> hxxps://www.facebook.com
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-01-03] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default [2024-03-08]
CHR Extension: (Slides) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Docs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-02]
CHR Extension: (YouTube) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-12]
CHR Extension: (Sheets) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-18]
CHR Extension: (Gmail) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-06-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [197632 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S2 GoogleUpdaterInternalService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R3 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.Service.exe [188928 2023-12-04] (Musecy SM Ltd. -> Muse.Service)
R2 NativePushService; C:\Users\ahmed\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 SoftubeInstallerDaemon; C:\Program Files\Softube\InstallerDaemon\InstallerService.exe [10284824 2019-07-10] (Softube AB -> )
S3 UAHelperService; C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe [6904208 2023-12-20] (Universal Audio, Inc. -> Universal Audio)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Apogee; C:\WINDOWS\System32\drivers\Apogee.sys [351808 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 Apogeeks; C:\WINDOWS\System32\drivers\Apogeeks.sys [53312 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2023-10-11] (Microsoft Corporation) [Fichier non signé]
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-09 08:43 - 2024-03-09 08:45 - 000030627 _____ C:\Users\ahmed\Desktop\FRST.txt
2024-03-09 08:41 - 2024-03-09 08:44 - 000000000 ____D C:\FRST
2024-03-09 08:37 - 2024-03-09 08:38 - 047696672 _____ (Corel Corporation) C:\Users\ahmed\Desktop\wzsus53.exe
2024-03-09 08:37 - 2024-03-09 08:37 - 002390016 _____ (Farbar) C:\Users\ahmed\Desktop\FRST64.exe
2024-03-06 18:21 - 2024-03-08 10:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-02 11:08 - 2024-03-02 11:12 - 001398780 _____ C:\WINDOWS\Minidump\030224-52875-01.dmp
2024-02-24 21:57 - 2024-02-24 21:57 - 000000000 ____D C:\Users\ahmed\AppData\Local\ToastNotificationManagerCompat
2024-02-24 21:53 - 2024-02-24 21:53 - 003361880 _____ (OneLaunch ) C:\Users\ahmed\Downloads\OneLaunch - Manuals Search_b8fc6.exe
2024-02-24 21:50 - 2024-02-24 21:50 - 007762072 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.3 - Composizioni Originali (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:50 - 2024-02-24 21:50 - 006598834 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.2 - Studi (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:49 - 2024-02-24 21:49 - 003829510 _____ C:\Users\ahmed\Downloads\Francisco Tarrega - Opere per Chitarra - Vol.1 - Preludi (Mario Gangi, Carlo Carfagna) (Z-Library).pdf
2024-02-24 21:46 - 2024-02-24 21:46 - 007521104 _____ C:\Users\ahmed\Downloads\Complete Etudes for Guitar (Francisco Tarrega) (Z-Library).pdf
2024-02-24 21:40 - 2024-02-24 21:40 - 001847598 _____ C:\Users\ahmed\Downloads\Comme des chansons Vol 3 (Thierry Tisserand) (Z-Library).pdf
2024-02-24 21:37 - 2024-02-24 21:37 - 006545042 _____ C:\Users\ahmed\Downloads\20 Etudes Simples (Leo Brouwer) (Z-Library).pdf
2024-02-24 21:36 - 2024-02-24 21:36 - 001476712 _____ C:\Users\ahmed\Downloads\Etudes simples pour guitare. 1ere serie (No. 1 a 5) (Leo Brouwer) (Z-Library).pdf
2024-02-24 21:35 - 2024-02-24 21:35 - 019144601 _____ C:\Users\ahmed\Downloads\12 sonatas. Transcribed for guitar by Leo Brouwer (Domenico Scarlatti) (Z-Library).pdf
2024-02-24 21:24 - 2024-02-24 21:24 - 002217454 _____ C:\Users\ahmed\Downloads\Imagens do Nordeste (for 2 guitars) (Machado Celso.) (Z-Library).pdf
2024-02-24 21:14 - 2024-02-24 21:14 - 014337466 _____ C:\Users\ahmed\Downloads\CATAGUI.pdf
2024-02-24 21:13 - 2024-02-24 21:13 - 007088289 _____ C:\Users\ahmed\Downloads\A Way of Life (Maria Linnemann) (Z-Library).pdf
2024-02-21 22:28 - 2024-02-21 22:28 - 000000000 _____ C:\WINDOWS\Minidump\022124-47000-01.dmp
2024-02-21 19:27 - 2024-02-21 19:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-16 17:04 - 2024-03-09 08:33 - 000000000 ____D C:\Users\ahmed\Desktop\Télécharger
2024-02-16 16:18 - 2024-02-16 16:18 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 16:16 - 2024-02-16 16:16 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-16 15:02 - 2024-02-16 15:02 - 000000000 ___HD C:\$WinREAgent
2024-02-11 14:07 - 2024-02-11 14:07 - 000001164 _____ C:\Users\ahmed\Desktop\MuseScore 4.lnk
2024-02-09 15:41 - 2024-02-09 15:41 - 014667313 _____ C:\Users\ahmed\Downloads\wetransfer_2023_fdcp_selection-5237-jpg_2024-02-07_1112.zip
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-09 08:42 - 2022-02-10 20:50 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-09 08:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-09 08:28 - 2020-12-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-09 08:04 - 2023-12-04 10:11 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\MuseScore
2024-03-09 07:47 - 2018-05-19 15:46 - 000000000 ____D C:\Users\ahmed\AppData\Local\Adobe
2024-03-09 07:40 - 2020-12-01 00:50 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 07:40 - 2020-11-29 19:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-03-09 07:40 - 2019-12-07 15:49 - 000883204 _____ C:\WINDOWS\system32\perfh00C.dat
2024-03-09 07:40 - 2019-12-07 15:49 - 000188122 _____ C:\WINDOWS\system32\perfc00C.dat
2024-03-09 07:40 - 2015-12-27 12:28 - 000000000 __SHD C:\Users\ahmed\IntelGraphicsProfiles
2024-03-08 19:44 - 2020-11-30 22:37 - 000000000 ____D C:\Users\ahmed
2024-03-08 11:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-08 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-08 11:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-08 10:57 - 2021-12-17 17:36 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-08 10:53 - 2016-02-12 19:04 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-08 10:50 - 2023-03-31 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-08 10:50 - 2020-12-01 01:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-08 10:50 - 2020-12-01 00:25 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-08 10:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-06 21:20 - 2023-03-31 17:35 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-06 18:26 - 2021-12-11 10:31 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-40630279-3267804419-453767322-1001
2024-03-06 18:26 - 2020-12-01 01:04 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-40630279-3267804419-453767322-1001
2024-03-06 18:26 - 2020-11-30 22:37 - 000002420 _____ C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-06 18:25 - 2020-12-01 01:04 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 18:25 - 2020-12-01 01:04 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-03 21:25 - 2015-12-27 20:40 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\vlc
2024-03-03 20:29 - 2020-06-14 23:48 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-03 20:29 - 2020-06-14 23:48 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-02 11:13 - 2021-02-03 22:30 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-02 11:08 - 2021-02-03 22:30 - 1269834853 _____ C:\WINDOWS\MEMORY.DMP
2024-02-28 12:34 - 2022-10-14 10:14 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-02-28 12:31 - 2018-05-19 16:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-25 11:05 - 2017-12-22 16:22 - 000000000 ____D C:\Users\ahmed\AppData\Local\Packages
2024-02-23 10:52 - 2024-01-02 16:50 - 000008192 _____ C:\Users\ahmed\Desktop\Travaux musique.xls
2024-02-22 22:04 - 2023-03-31 17:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-02-21 19:27 - 2016-02-12 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-19 18:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-16 21:53 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-02-16 21:47 - 2020-12-01 00:26 - 005431200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-16 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-16 16:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-16 16:16 - 2020-12-01 00:31 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-16 14:53 - 2016-02-17 22:05 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-16 14:52 - 2023-12-04 09:58 - 000000000 ____D C:\Program Files\dotnet
2024-02-16 14:51 - 2015-12-27 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-16 14:37 - 2015-12-27 19:53 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-15 16:53 - 2020-12-01 01:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-15 09:47 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-11 14:07 - 2024-01-01 13:04 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 4
==================== Fichiers à la racine de certains dossiers ========
2020-02-25 19:43 - 2020-02-25 19:43 - 003269504 _____ (Nicolas Coolman) C:\Users\ahmed\ZHPDiag3.exe
2016-01-03 17:27 - 2016-03-31 17:27 - 000001472 _____ () C:\Users\ahmed\AppData\Roaming\LAPTOP-METDILG9.MTBF.txt
2023-10-20 18:22 - 2023-10-20 18:22 - 000000132 _____ () C:\Users\ahmed\AppData\Roaming\Préfs Filtre IllExportation Adobe CS6
2023-01-16 21:29 - 2023-10-20 18:28 - 000000132 _____ () C:\Users\ahmed\AppData\Roaming\Préfs Format PNG Adobe CS6
2021-12-29 13:52 - 2021-12-29 14:03 - 001040888 _____ () C:\Users\ahmed\AppData\Roaming\TI Connect CE-5.6.3.2278-Installation.log
2015-12-27 20:50 - 2016-01-04 21:50 - 000000134 _____ () C:\Users\ahmed\AppData\Roaming\WB.CFG
2016-01-03 17:27 - 2016-03-31 16:54 - 000000681 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManager.log
2016-01-03 17:27 - 2016-03-31 13:11 - 000000973 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManagerPrevious.log
2021-03-21 21:44 - 2021-03-21 21:44 - 000001001 _____ () C:\Users\ahmed\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================